is sending SQL query operators in HTTP GET requests is some kind of security issue?

Question

Our webserver is forwarding HTTP GET request to application server as below including a statement or condition like "AND 1=1", our Palo Alto Firewall detecting this traffic as SQL Injection alert.

PCAP is like below

Hypertext Transfer Protocol GET /cadocs/0/j027931e.pdf?resultnum=9&intcmp=searchresultclick AND 1=1 HTTP/1.0\r\n [Expert Info (Chat/Sequence): GET /cadocs/0/j027931e.pdf resultnum=9&intcmp=searchresultclick AND 1=1 HTTP/1.0\r\n]

Can you please explain me is webserver sending this "AND 1=1" in requests is bad practice how it can help attackers? What kind of modifications can be done from webserver or application server side to resolve this?

Thank You for your efforts...

score 2 · Answer 1 · answered Sep 27 '19 at 15:07

AND 1=1 is a common SQL Injection payload to select all results of an SQL query since it always evaluates to true.

It being sent along with the URL can be for numerous reasons, but it might be an indicator for an SQL Injection vulnerability if the URL parameter is directly fed into an SQL statement and is not properly sanitized beforehand.

is sending SQL query operators in HTTP GET requests is some kind of security issue?

1 Answers1